flash

http://colmedbcs.amcare.com.mx/covidapprove/Attachment%20Name%2020200408_2049.pdf.html

Status: finished
Submission Time: 17.11.2020 18:12:43
Malicious

Comments

Tags

Details

  • Analysis ID:
    318930
  • API (Web) ID:
    539660
  • Analysis Started:
    17.11.2020 18:12:43
  • Analysis Finished:
    17.11.2020 18:15:40
  • Technologies:
Full Report Management Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
56/100

malicious
11/82

malicious

malicious

IPs

IP Country Detection
108.179.194.17
United States

Domains

Name IP Detection
colmedbcs.amcare.com.mx
108.179.194.17
code.jquery.com
0.0.0.0

URLs

Name Detection
http://colmedbcs.amcare.com.mx/covidapprove/Attachment%20Name%2020200408_2049.pdf.htmlRoot
http://colmedbcs.amcare.com.mx/covidapprove/Attachment%20Name%2020200408_2049.pdf.html(404
http://colmedbcs.amcare.com.mx/covidapprove/Attachment%20Name%2020200408_2049.pdf.html
Click to see the 6 hidden entries
http://colmedbcs.amcare.com.mx/covidapprove/Attachment%20Name%2020200408_2049.pdf.html
http://colmedbcs.amcare.com.mx/cgi-sys/images/x.png
http://colmedbcs.amcare.com.mx/covidapprove/favicon.ico
http://colmedbcs.amcare.com.mx/cgi-sys/images/404bottom.gif
http://colmedbcs.amcare.com.mx/cgi-sys/images/404top_w.jpg
http://colmedbcs.amcare.com.mx/cgi-sys/images/404mid.gif

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3726A8E0-28F8-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3726A8E2-28F8-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3726A8E3-28F8-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
#
Click to see the 9 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\404bottom[1].gif
GIF image data, version 89a, 868 x 14
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery-3.3.1.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\x[1].png
PNG image data, 97 x 97, 8-bit colormap, non-interlaced
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\404mid[1].gif
GIF image data, version 89a, 868 x 4
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\404top_w[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 868x169, frames 3
#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\simple-expand.min[1].js
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Temp\~DF4425D94667943989.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DF7354D8EA81AF3CC6.TMP
data
#
C:\Users\user\AppData\Local\Temp\~DFB6A960B036C6C2EF.TMP
data
#